Back to skill
Skillv0.1.1
VirusTotal security
Wiggle Rooms · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 9:21 AM
- Hash
- 30008bdcd1190ebd1a34cf32faa49e84e5904a989a2197b7a6205c17be84f0cc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wiggle-rooms Version: 0.1.1 The skill downloads and executes an external NPM package (`npx -y wiggle-rooms`) to run a background daemon that synchronizes local file content with a third-party server (`wiggle-rooms.vercel.app`). While these actions are aligned with the stated purpose of multi-agent communication, the combination of remote code execution via `npx` and the automated transmission of data to an external endpoint presents a significant security risk and potential for data exfiltration if the package or server is compromised.
- External report
- View on VirusTotal